inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-14 17:58:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
c69ebe9c75d12f1dde522f010038beda30e4acab
alfresco-community-repo/config/alfresco/web-client-application-context.xml
Dave Ward 80cda47b63 Merged V3.3-BUG-FIX to HEAD 
21132: ALF-3855: Refactored repository authentication filters so that same code is re-used for Web Client, Web Script, Web DAV and Sharepoint authentication
      - 'Uber Filter' part 3
      - Means we now support Kerberos Authentication for Sharepoint
      - Threw away a lot of duplicated code
      - New common AuthenticationDriver interface created and now implemented by core authentication code
      - Sharepoint and BaseSSOAuthenticationFilter now both use AuthenticationDrivers
      - Needs regression testing
   21137: ALF-3841: Alfresco Explorer SSO Authentication Filters now accept ticket parameters too
      - Can be turned back off with ntlm.authentication.browser.ticketLogons=false or kerberos.authentication.browser.ticketLogons=false
      - Wiki updated
   21141: ALF-3855: Fixed wiring
   21146: ALF-2879: 'xamconnector' module behaviour for xam:archived
      - Application of xam:archived recurses and locks both files and folders
      - cm:content nodes also have the store selector applied for the XAMContentStore
      - TODO: Archive properties
   21165: Fixed ALF-3867: SQL format error when re-instating orphaned content URL
      - Parameter was not bounded with #
      - Added unit test to ensure SQL generated is correct
   21169: Merged V3.3 to V3.3-BUG-FIX
      21168: (RECORD ONLY Merged PATCHES/V3.2.1 to V3.3
         21166: Merged V3.3-BUG-FIX to PATCHES/V3.2.1
            21165: Fixed ALF-3867: SQL format error when re-instating orphaned content URL
               - Parameter was not bounded with #
               - Added unit test to ensure SQL generated is correct
      21118: Latest SpringSurf libs:
         - Fix for missing read of "keystore" in Remote config
         - Session Fixation attack mitigation improvements:
         - A Surf application no longer generates a Session (and therefore no JSESSIONID) until a user is authenticated - simply visiting a login page or similar will no longer generate a Session
         - Existing Sessions are always invalidated and destroyed if found when a user is authenticated via the LoginController (i.e. due to a JSESSIONID captured via an XSS attack)

         Merged HEAD to V3.3
            21111: Fix to encode form parameter on Share login template - prevents its potential use as an reflected XSS attack vector
            21117: Session Fixation mitigation:
               - Removed Session creation from Share index.jsp

         Merged V3.3-BUG-FIX-2010_06_24 to V3.3
            21096: Fix for ALF-3718 - JSF client login page input validator is too aggressive ("Login" button is disabled if username contains forward slash)
      21088: Latest SpringSurf libs


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@21170 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2010-07-14 14:49:50 +00:00

307 lines
13 KiB
XML
Raw Blame History

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>
<beans>
<!-- ===================================== -->
<!-- Web Client Config Sources -->
<!-- ===================================== -->
<bean id="webClientConfigSource" parent="repoUrlConfigSource">
<constructor-arg>
<list>
<value>classpath:alfresco/web-client-config.xml</value>
<value>classpath:alfresco/web-client-config-dialogs.xml</value>
<value>classpath:alfresco/web-client-config-wizards.xml</value>
<value>classpath:alfresco/web-client-config-properties.xml</value>
<value>classpath:alfresco/web-client-config-navigation.xml</value>
<value>classpath:alfresco/web-client-config-wcm.xml</value>
<value>classpath:alfresco/web-client-config-actions.xml</value>
<value>classpath:alfresco/web-client-config-forum-actions.xml</value>
<value>classpath:alfresco/web-client-config-wcm-actions.xml</value>
<value>classpath:alfresco/web-client-config-workflow-actions.xml</value>
<value>classpath:alfresco/extension/web-client-config-custom.xml</value>
<value>jar:*!/META-INF/web-client-config-custom.xml</value>
<value>workspace://SpacesStore/${spaces.company_home.childname}/${spaces.dictionary.childname}/app:webclient_extension/cm:web-client-config-custom.xml</value>
</list>
</constructor-arg>
</bean>
<bean id="repoUrlConfigSource" class="org.alfresco.repo.config.source.RepoUrlConfigSource" abstract="true">
<property name="tenantService" ref="tenantService"/>
<property name="searchService" ref="SearchService"/>
<property name="contentService" ref="ContentService"/>
<property name="namespaceService" ref="NamespaceService"/>
<property name="nodeService" ref="NodeService"/>
</bean>
<!-- ===================================== -->
<!-- Web Client Config Data Cache -->
<!-- ===================================== -->
<!-- The cross-transaction shared cache for in-memory GlobalConfig -->
<bean name="globalConfigSharedCache" class="org.alfresco.repo.cache.EhCacheAdapter">
<property name="cache">
<bean class="org.springframework.cache.ehcache.EhCacheFactoryBean" >
<property name="cacheManager">
<ref bean="internalEHCacheManager" />
</property>
<property name="cacheName">
<value>org.alfresco.cache.globalConfigCache</value>
</property>
</bean>
</property>
</bean>
<!-- The transactional cache for in-memory GlobalConfig -->
<bean name="globalConfigCache" class="org.alfresco.repo.cache.TransactionalCache">
<property name="sharedCache">
<ref bean="globalConfigSharedCache" />
</property>
<property name="name">
<value>org.alfresco.globalConfigTransactionalCache</value>
</property>
<property name="maxCacheSize">
<value>10</value>
</property>
</bean>
<!-- ===================================== -->
<!-- Web Client Config Service -->
<!-- ===================================== -->
<bean id="webClientConfigService" class="org.alfresco.repo.config.xml.RepoXMLConfigService">
<constructor-arg>
<ref bean="webClientConfigSource" />
</constructor-arg>
<property name="tenantAdminService" ref="tenantAdminService"/>
<property name="transactionService" ref="transactionComponent"/>
<property name="authenticationContext" ref="authenticationContext"/>
<property name="configDataCache" ref="globalConfigCache"/>
</bean>
<bean id="webClientConfigAdminInterpreter" class="org.alfresco.web.config.ConfigAdminInterpreter" parent="interpreterBase">
<property name="repoXMLConfigService" ref="webClientConfigService"/>
</bean>
<bean id="webClientConfigAdminInterpreterHelp" class="org.alfresco.i18n.ResourceBundleBootstrapComponent">
<property name="resourceBundles">
<list>
<value>alfresco.messages.webclient-config-admin-interpreter-help</value>
</list>
</property>
</bean>
<!-- NOTE: This references a bean in the repository Spring configuration -->
<bean id="dataDictionary" class="org.alfresco.web.bean.repository.DataDictionary">
<constructor-arg>
<ref bean="DictionaryService" />
</constructor-arg>
</bean>
<!-- NOTE: This references a bean in the repository Spring configuration -->
<bean id="FormsService" class="org.alfresco.web.forms.FormsService">
<constructor-arg>
<ref bean="ContentService" />
</constructor-arg>
<constructor-arg>
<ref bean="NodeService" />
</constructor-arg>
<constructor-arg>
<ref bean="NamespaceService" />
</constructor-arg>
<constructor-arg>
<ref bean="SearchService" />
</constructor-arg>
<constructor-arg>
<ref bean="policyComponent" />
</constructor-arg>
</bean>
<!-- NOTE: This references a bean in the repository Spring configuration -->
<bean id="Schema2XFormsProperties" class="org.alfresco.web.forms.xforms.Schema2XFormsProperties">
<constructor-arg>
<ref bean="ContentService" />
</constructor-arg>
<constructor-arg>
<ref bean="NamespaceService" />
</constructor-arg>
<constructor-arg>
<ref bean="NodeService" />
</constructor-arg>
<constructor-arg>
<ref bean="SearchService" />
</constructor-arg>
<property name="locations">
<list>
<!-- TODO currently WCM form string will override form string, which may not be desired -->
<value>alfresco:/${spaces.company_home.childname}/${spaces.dictionary.childname}/${spaces.wcm_content_forms.childname}/${form.name}/cm:strings</value>
<value>alfresco:/${spaces.company_home.childname}/${spaces.dictionary.childname}/${spaces.wcm_content_forms.childname}/cm:strings</value>
<value>alfresco:/${spaces.company_home.childname}/${spaces.dictionary.childname}/${spaces.content_forms.childname}/${form.name}/cm:strings</value>
<value>alfresco:/${spaces.company_home.childname}/${spaces.dictionary.childname}/${spaces.content_forms.childname}/cm:strings</value>
<value>classpath:alfresco/messages/webclient</value>
</list>
</property>
<property name="formatCaption">
<value>${xforms.formatCaption}</value>
</property>
</bean>
<!-- ===================================== -->
<!-- Web Script Beans -->
<!-- ===================================== -->
<!-- Alfresco Web Client Authenticator (Servlet based) -->
<bean id="webscripts.authenticator.webclient" class="org.alfresco.repo.web.scripts.servlet.WebClientAuthenticatorFactory" />
<bean id="webscripts.authenticator.jsr168.webclient" class="org.alfresco.repo.web.scripts.portlet.WebClientPortletAuthenticatorFactory" lazy-init="true"/>
<bean id="RemoteUserMapper" class="org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory">
<property name="applicationContextManager">
<ref bean="Authentication" />
</property>
<property name="interfaces">
<list>
<value>org.alfresco.repo.webdav.auth.RemoteUserMapper</value>
<value>org.alfresco.repo.management.subsystems.ActivateableBean</value>
</list>
</property>
<property name="sourceBeanName">
<value>remoteUserMapper</value>
</property>
</bean>
<bean id="AuthenticationFilter" class="org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory">
<property name="applicationContextManager">
<ref bean="Authentication" />
</property>
<property name="interfaces">
<list>
<value>org.alfresco.repo.web.filter.beans.DependencyInjectedFilter</value>
</list>
</property>
<property name="sourceBeanName">
<value>authenticationFilter</value>
</property>
<!-- Fall back to the default alfresco implementation -->
<property name="defaultTarget">
<ref bean="defaultAuthenticationFilter"/>
</property>
</bean>
<bean id="defaultAuthenticationFilter" class="org.alfresco.web.app.servlet.AuthenticationFilter">
<property name="configService">
<ref bean="webClientConfigService" />
</property>
</bean>
<bean id="GlobalAuthenticationFilter" class="org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory">
<property name="applicationContextManager">
<ref bean="Authentication" />
</property>
<property name="interfaces">
<list>
<value>org.alfresco.repo.web.filter.beans.DependencyInjectedFilter</value>
</list>
</property>
<property name="sourceBeanName">
<value>globalAuthenticationFilter</value>
</property>
<!-- Fall back to a benign default implementation -->
<property name="defaultTarget">
<bean class="org.alfresco.repo.web.filter.beans.NullFilter" />
</property>
</bean>
<bean id="WebscriptAuthenticationFilter" class="org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory">
<property name="applicationContextManager">
<ref bean="Authentication" />
</property>
<property name="interfaces">
<list>
<value>org.alfresco.repo.web.filter.beans.DependencyInjectedFilter</value>
</list>
</property>
<property name="sourceBeanName">
<value>webscriptAuthenticationFilter</value>
</property>
<!-- Fall back to a benign default implementation -->
<property name="defaultTarget">
<bean class="org.alfresco.repo.web.filter.beans.NullFilter" />
</property>
</bean>
<bean id="WebDavAuthenticationFilter" class="org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory">
<property name="applicationContextManager">
<ref bean="Authentication" />
</property>
<property name="interfaces">
<list>
<value>org.alfresco.repo.web.filter.beans.DependencyInjectedFilter</value>
</list>
</property>
<property name="sourceBeanName">
<value>webDavAuthenticationFilter</value>
</property>
<!-- Fall back to the default alfresco implementation -->
<property name="defaultTarget">
<bean class="org.alfresco.repo.webdav.auth.AuthenticationFilter">
<property name="authenticationService">
<ref bean="AuthenticationService" />
</property>
<property name="personService">
<ref bean="PersonService" />
</property>
<property name="nodeService">
<ref bean="NodeService" />
</property>
<property name="transactionService">
<ref bean="TransactionService" />
</property>
<property name="authenticationComponent">
<ref bean="AuthenticationComponent" />
</property>
<property name="remoteUserMapper">
<ref bean="RemoteUserMapper" />
</property>
</bean>
</property>
</bean>
<bean id="SharepointAuthenticationHandler" class="org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory">
<property name="applicationContextManager">
<ref bean="Authentication" />
</property>
<property name="interfaces">
<list>
<value>org.alfresco.repo.webdav.auth.AuthenticationDriver</value>
</list>
</property>
<property name="sourceBeanName">
<value>sharepointAuthenticationHandler</value>
</property>
<!-- Fall back to the default alfresco implementation -->
<property name="defaultTarget">
<bean class="org.alfresco.web.sharepoint.auth.BasicAuthenticationHandler">
<property name="authenticationService">
<ref bean="AuthenticationService" />
</property>
<property name="personService">
<ref bean="PersonService" />
</property>
</bean>
</property>
</bean>
</beans>
Reference in New Issue View Git Blame Copy Permalink